For those living under the rock who don't know what pinkary is...
Pinkary is an open-source social media platform created by Nuno Maduro, who is known for his contributions to the Laravel framework. The platform is built using Laravel and Livewire.
Pinkary provides features typical of social media platforms, such as user profiles, posts, and interactions, and asking questions to people (with and without disclosing your identity). Anyone can contribute to its codebase, customize its functionality, or use it as a learning resource for Laravel and PHP.
Rejecting the disposable email validation rule
contributed by Tomás López , this validation rule rejects all the registration and email update attempts from any disposable email available. The approach is simaple.
A new Rule (UnauthorizedEmailProviders)
you can use the command below for creating the rule.
php artisan make:rule
Use the following content for the rule.
namespace App\Rules;
use Closure;
use Illuminate\Contracts\Validation\ValidationRule;
final readonly class UnauthorizedEmailProviders implements ValidationRule
{
public function __construct(
/** @see https://github.com/disposable-email-domains/disposable-email-domains/blob/master/disposable_email_blocklist.conf */
private array $unauthorizedEmailProviders = []
) {
//
}
public function validate(string $attribute, mixed $value, Closure $fail): void
{
$value = type($value)->asString();
if (mb_strpos($value, '@') !== false) {
[$emailAccount, $emailProvider] = explode('@', $value);
if (in_array($emailProvider, $this->unauthorizedEmailProviders, true)) {
$fail('The :attribute belongs to an unauthorized email provider.');
return;
}
} else {
$fail('The :attribute doesn\'t have an @.');
return;
}
}
}
Now, the $unauthorizedEmailProviders
array plays the major role here, all the emails will be checked against this array. You can populate the array from https://github.com/disposable-email-domains/disposable-email-domains/blob/master/disposable_email_blocklist.conf, which provides a detailed list of all the disposable emails available.
Using the Rule
Update you validation rule as follows
use App\Rules\UnauthorizedEmailProviders;
...
'email' => ['required', 'string', 'lowercase', 'email', 'max:255', 'unique:'.User::class, new UnauthorizedEmailProviders()],
And that's it. Now, only the emails with a valid and non-disposable address will be able to register.